<?php
/**
 * user class. Provide utilities functions related to user.
 */
class user 
{
    function user() 
    {
    }
    
    /**
     * Get latest registered user.
     * @param $db is a ezSQL_mysql object
     * @param $number the number user will be return
     * @return The list of user object. 
     * User object contain fields is same as defined in database  
     */
    function getLastestUser($db, $number)
    {
    	$sql = sprintf("SELECT * FROM %1\$s ORDER BY user_registered desc LIMIT $number", 
    			TBL_USER);
    	return $db->get_results($sql);
    }
    
    /**
     * Get a user by user name
     * @param $db is a ezSQL_mysql object
     * @param $uname the username want to get other information
     * @return The user object. 
     * User object contain fields is same as defined in database  
     */
    function getUserByUserName($db, $uname)
    {
    	$sql = sprintf("SELECT * FROM %1\$s " .
    			"WHERE user_login='$uname'", TBL_USER);
    	return $db->get_row($sql);
    }
    
     /**
     * Get a user by user ID
     * @param $db is a ezSQL_mysql object
     * @param $id ID of user
     * @return The user object. 
     * User object contain fields is same as defined in database  
     */
    function getUserById($db, $id)
    {
    	$sql = sprintf("SELECT * FROM %1\$s " .
    			"WHERE ID='$id'", TBL_USER);
    	return $db->get_row($sql);
    }
    
     /**
     * Check whether a user is exist in database or not by checking
     * it's ID.
     * @param $db is a ezSQL_mysql object
     * @param $id the user ID
     * @return true if user existed, otherwise return false 
     */
    function existUserByID($db, $id)
    {
    	$sql = sprintf("SELECT count(%1\$s.ID) FROM %1\$s " .
    			"WHERE ID='$id'", TBL_USER);
    	$count = $db->get_var($sql);
    	return ($count > 0);
    }
    
     /**
     * Check whether a user is exist in database or not by checking
     * username.
     * @param $db is a ezSQL_mysql object
     * @param $user_login the user login name
     * @return true if user existed, otherwise return false 
     */
    function existUser($db, $user_login)
    {
    	$sql = sprintf("SELECT count(%1\$s.ID) FROM %1\$s " .
    			"WHERE user_login='$user_login'", TBL_USER);
    	$count = $db->get_var($sql);
    	return ($count > 0);
    }
    
    /**
     * Get all user in database
     * @param $db is a ezSQL_mysql object
     * @return The list of user. 
     * User object contain fields is same as defined in database  
     */
    function getAllUser($db)
    {
    	$sql = sprintf("SELECT * FROM %s", TBL_USER);
    	return $db->get_results($sql);
    }
    
    /**
     * Save user information to database.
     * User information is POST values
     * field name is defined in input form
     * See smarty template for detail of name of form's element.
     */
    function saveUser($db, $info)
    {
    	$sql = sprintf("INSERT INTO %s " .
    			"(user_login, user_pass, user_nicename, user_email," .
    			"user_url, user_registered, is_admin) " .
    			"VALUES ('%s', '%s', '%s', '%s', '%s', now(), %s)", 
    			TBL_USER,
    			$info['user_login'],
    			crypt($info['user_pass'], $info['user_login']),
    			$info['user_nicename'],
    			$info['user_email'],
    			$info['user_url'],
    			($info['is_admin'] != "1" ? "0" : "1"));
    	$res = $db->query($sql);
    	if($res == true)
    	{
    		return $db->insert_id;
    	}
    	else
    		return -1;
    }
    
     /**
     * Update user information to database.
     * User information is POST values
     * field name is defined in input form
     * See smarty template for detail of name of form's element.
     */
    function updateUser($db, $info)
    {
    	$objUser = user::getUserById($db, $info['user_id']);
    	$isChangePass = ($objUser->user_pass != $info['user_pass']);
    	
    	$sql = sprintf("UPDATE %s SET " .
    			($isChangePass?"user_pass = '%s', ": '%s') .
    			"user_nicename = '%s', " .
    			"user_email = '%s', " .
    			"user_url = '%s', " .
    			"is_admin = %s " .
    			"WHERE ID=" . $info['user_id'], 
    			TBL_USER,
    			($isChangePass?crypt($info['user_pass'], $info['user_login']):''),
    			$info['user_nicename'],
    			$info['user_email'],
    			$info['user_url'],
    			($info['is_admin'] != "" ? "1" : "0"));
    			
    	$res = $db->query($sql) >= 0;

    	return $res;
    }
	
	 function updatePass($db, $newspass ,$user,$id)
    {
    	
    	$sql = sprintf("UPDATE %s SET " .
    			("user_pass = '%s' ") .
    			"WHERE ID=" . $id, 
    			TBL_USER,
    			crypt($newspass, $user)
    			);
    			
    	$res = $db->query($sql) >= 0;

    	return $res;
    }
    
     /**
     * Delete user with ID inputted.
     * @param $db is a ezSQL_mysql object
     * @param $id the id of user
     * @return true if user existed, otherwise return false
     */
    function deleteUserByID($db, $id)
    {
    	$sql = sprintf("DELETE FROM %1\$s " .
    			"WHERE ID='$id'", TBL_USER);
    			
    	$res = $db->query($sql) > 0;
    	if($res == true)
    	{
    		$sql = sprintf("UPDATE %1\$s SET " .
    			" page_parent = 0 " .
    			"WHERE page_parent=$id", TBL_PAGE);
    			
    		$db->query($sql);
    	}
    	
    	return $res;
    }
}
?>